Former Twitter Executives Blame Musk for Deteriorating Privacy and Security Practices

Former Twitter Executives Express Concerns over Privacy and Security Practices under Elon Musk

A recent court filing has revealed that former executives of the social media platform, formerly known as Twitter and now rebranded as X Corp., have raised concerns about the deterioration of privacy and security practices following Elon Musk‘s acquisition of the company. These concerns have prompted an investigation by the Federal Trade Commission (FTC) into whether Twitter-X Corp. violated a 2011 consent order with the agency aimed at safeguarding user data.

Acquisition Impact on Security and Privacy

Former Chief Privacy Officer Damien Kieran stated that the firing and layoffs that occurred post-acquisition meant that no one was accountable for around 37% of X Corp.’s privacy program controls. Chief Information Security Officer Lea Kissner testified that Musk‘s decisions impaired the company’s ability to protect user contact data, which was the central focus of the 2011 agreement with the FTC. Former Director of Security Engineering Andrew Sayler also expressed ongoing doubts about Musk‘s commitment to the organization’s overall security and privacy.

One incident that raised concerns involved Musk directing employees to move X Corp. servers to a new data center without giving them adequate time to follow internal policies to wipe the servers. As a result, the servers were transferred with sensitive data, potentially posing privacy risks to users.

Employees interviewed by investigators also expressed worries that Musk ignored warnings about the potential misuse of Twitter Blue, the company’s subscription service that replaced the blue checkmark verification system. Scammers were able to purchase verifications through the service, leading to its suspension.

FTC Investigation and Twitter‘s Legal Battle

The FTC launched its investigation into X Corp. following significant changes within the company, including the departure of key executives in privacy and security roles, the rushed rollout of Twitter Blue, and reported issues with site outages, product malfunctions, and data access problems.

In response to the investigation, X Corp. filed a request with a federal court in July to terminate the 2011 agreement with the FTC, claiming that the agency was imposing excessive demands and using the consent order as grounds for invasive scrutiny of the company’s actions unrelated to data privacy and security concerns.

However, the Department of Justice (DOJ), in a recent filing, has asked the federal court to reject X Corp.’s request to terminate the agreement. The DOJ argued that the company’s allegations of witness tampering were based on cherry-picked excerpts and that Ernst & Young, the firm auditing Twitter-X Corp., chose to terminate the agreement due to the company’s lack of cooperation with the investigation.

Partisan Divide and the FTC’s Role

The handling of the X Corp. investigation by the FTC has become a point of contention along partisan lines. Congressional Republicans have criticized Chairwoman Lina Khan and the agency’s investigation into the Musk-owned social media platform, referring to it as “outrageous.”

Editorial: Striking a Balance Between Innovation and Security

This recent revelation of privacy and security concerns at X Corp. raises important questions about the responsibility technology companies have in protecting user data. While innovation and growth are essential aspects of the digital age, ensuring privacy and security should be paramount.

Elon Musk‘s leadership at X Corp. must prioritize addressing the issues raised by former executives to rebuild trust among users and regulators. It is crucial that X Corp. demonstrates a commitment to comprehensive privacy and security programs, including regular external audits.

However, it is also important for regulators, such as the FTC, to strike a balance between holding companies accountable and allowing them the flexibility to innovate. Excessive scrutiny and demands could potentially stifle technological advancement. The FTC should focus on ensuring that companies adhere to established privacy and security standards while encouraging an environment that fosters innovation.

Ultimately, the responsibility to safeguard user data lies with both technology companies and regulatory authorities. It is essential for all stakeholders to collaborate and establish clear guidelines to protect user privacy and security without hindering progress.

Advice: Protecting Your Online Privacy

In an era of increasing digital risks, protecting your online privacy has become more vital than ever. Here are a few practical tips to help safeguard your personal information:

1. Strengthen Passwords

Use unique and complex passwords for each online account and consider using a password manager to organize and secure your credentials.

2. Enable Two-Factor Authentication

Activate two-factor authentication whenever it is available to add an extra layer of security to your accounts.

3. Regularly Update Software

Keep your devices and applications up to date with the latest security patches and updates to protect against known vulnerabilities.

4. Be Mindful of Sharing Personal Information

Think twice before sharing sensitive personal information online, especially on social media platforms. Be cautious when interacting with unfamiliar websites or apps that request personal data.

5. Review Privacy Settings

Regularly review and adjust privacy settings on your social media accounts and other online services to control the information accessible to others.

6. Use Virtual Private Networks (VPNs)

Consider using a VPN when accessing the internet to encrypt your connection and protect your data from potential eavesdroppers.

By implementing these measures, you can enhance your online privacy and reduce the risk of unauthorized access to your personal information.